[Samba] Re: winbind: BUILTIN\users group gid 1001 conflict
Christoph Peus
cp at uni-wh.de
Thu Apr 5 08:48:15 GMT 2007
Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Christoph Peus wrote:
>> Don Piven wrote:
>>> Sez Christoph Peus:
>>>> Hi everybody,
>>>>
>>>> I've joined a fileserver running samba 3.0.24 to an AD domain using
>>>> winbind and noticed that samba maps the "users" group SID
>>>> (5-1-5-32-545) to gid 1001 automatically. This seems to conflict
>>>> with one of ~2000 mappings I had to "inject" in winbinds
>>>> winbindd_idmap.tdb by use of net idmap dump/restore, because the
>
> I don't remember but I assume the restore sets the UID and
> GID HWM values right ?
Yes, it does.
At the moment it looks like this (and the numbers haven't changed much
since I have imported the mappings to winbindd_idmap initially):
lunkwill / # net idmap dump /var/cache/samba/winbindd_idmap.tdb | grep HWM
USER HWM 51674
GROUP HWM 10760
>> Thanks for the hint, but both are set to 1000-60000,
>> which is - as far as I know - the correct setting
>> if domain users/groups SIDs shall resolve to uids/gids
>> of this range.
>
> Definitely sounds like the HWM values are wrong. Winbindd
> uses these records to determine the next available uid/gid
> which can be allocated.
Hmmm... when does winbindd allocate a gid for the "Users"-group SID? At
startup time? (I couldn't find a reference to S-1-5-32-545 in the
winbindd*.tdb files, so I guess that this is done on every startup...)
With the HWM values you see above I don't know why winbindd allocates
the gid 1001 to the "Users"-group.
Thanks for your support!
Christoph
More information about the samba
mailing list